SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
(Photo: Merrill College of Journalism/flickr/cc)
Stop CISA: Join EFF in a Week of Action Opposing Broad "Cybersecurity" Surveillance Legislation
How do you kill a zombie bill like CISA? Grassroots action. That's why EFF and over a dozen other groups are asking you to join us in a Week of Action to Stop CISA. The Senate is likely to vote on the Cybersecurity Information Sharing Act (CISA) in the coming weeks, and only you can help us stop it.
Jul 27, 2015
How do you kill a zombie bill like CISA? Grassroots action. That's why EFF and over a dozen other groups are asking you to join us in a Week of Action to Stop CISA. The Senate is likely to vote on the Cybersecurity Information Sharing Act (CISA) in the coming weeks, and only you can help us stop it.
We keep hearing that CISA and the other "cybersecurity" bills moving through Congress are "must-pass" legislation. But just like the original version of CISA, the Cyber Intelligence Sharing and Protection Act (CISPA), we think grassroots activism can stop this legislation in its tracks.
CISA is fundamentally flawed because of its broad immunity clauses for companies, vague definitions, and aggressive spying powers. Combined, they make the bill a surveillance bill in disguise. The bill may even make things worse for Internet users in several ways. That's why we're launching a week of action to make sure Congress is getting the message loud and clear: CISA must not pass.
The Week of Action
EFF and our allies have been hard at work fighting Congress' cyber surveillance bills. But the most important voices are yours. Here's how to help:
- Visit the Stop Cyber Spying coalition website where you can email and fax your Senators and tell them to vote no on CISA.
- Use a new tool developed by Fight for the Future to fax your lawmakers from the Internet. We want to make sure they get the message.
- Check out our AMA on Reddit on Wednesday July 29 at 10am ET/7am PT with EFF, Access, Fight for the Future, and the ACLU and let your friends know about it.
- Help us spread the word. After you've taken action, tweet out why CISA must be stopped with the hashtag #StopCISA. Use the hashtag #FaxBigBrother if you want to automatically send a fax to your Senator opposing CISA. If you have a blog, join us by publishing a blog post this week about why you oppose CISA, and help us spread the word about the action tools at https://stopcyberspying.com/. For detailed analysis you can check out this blog post and this chart.
With your help, we'll make sure Congress gets the message: now more than ever, we don't need more cyber surveillance. We need better security. CISA must be defeated because it may make things worse for Internet users in several ways:
New and Invasive Tools for Companies
CISA allows companies to monitor their information systems for broadly-defined threats. Moreover, and equally alarming, the bill authorizes companies to launch countermeasures against perceived attackers, without any safeguards. While it prohibits measures that cause "substantial harm," it's unclear exactly what substantial is, leaving open the possibility of measures that cause a significant degree of harm. A letter sent in March by over 25 groups opposing CISA pointed out that, "CISA permits companies to recklessly deploy countermeasures that damage networks belonging to innocent bystanders."
Overbroad definitions
As if the new authorities weren't enough, the bill's broad definitions grant companies even more discretion to decide when to go on the offense against perceived threats. For example, "cybersecurity purpose" is so broadly defined that it means almost anything related to protecting (including physically protecting) an information system, which can be a computer or software. The same goes for a "cybersecurity threat," which includes anything that "may result" in an unauthorized effort to impact the availability of information or an information system.
Cyber surveillance (with the help of the NSA)
Not only does CISA grant companies more power to obtain "cyber threat indicators" and to disclose that data to the government without a warrant--it requires real time sharing of that information to military and intelligence agencies, including the NSA. In other words, cyber threat indicators shared with any agency would be automatically shared with the NSA--all without requiring companies to strip out personally identifying information.
To make matters worse, CISA grants the government too much discretion in how to use the information for non-cybersecurity purposes. It also contains exemptions to the Freedom of Information Act, which will keep the public in the dark about what information is being collected, shared, or used.
Near-Blanket Immunity
Finally, CISA would create incredibly broad immunity for companies that engage in any of the activities authorized by the bill. This is especially concerning because of the bill's lack of protection for private information and the ability to launch countermeasures. Any company that merely does significant (but not "substantial") harm to innocent people or machines will not be liable in court.
Participating organizations (updated on a daily basis throughout the week)
- Access
- ACLU
- American Library Association
- Association of Research Libraries
- The Center for Democracy and Technology
- The Constitution Project
- EFF
- Fight for the Future
- Free Press
- Freedom of the Press Foundation
- Gandi
- Media Alliance
- Namecheap
- National Association of Criminal Defense Lawyers
- New York Tech Meetup
- The New America Foundation
- The Niskanen Center
- Private Internet Access
- The Sunlight Foundation
- The X-Lab
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, The U.S. is on a fast track to authoritarianism like nothing I've ever seen. Meanwhile, corporate news outlets are utterly capitulating to Trump, twisting their coverage to avoid drawing his ire while lining up to stuff cash in his pockets. That's why I believe that Common Dreams is doing the best and most consequential reporting that we've ever done. Our small but mighty team is a progressive reporting powerhouse, covering the news every day that the corporate media never will. Our mission has always been simple: To inform. To inspire. And to ignite change for the common good. Now here's the key piece that I want all our readers to understand: None of this would be possible without your financial support. That's not just some fundraising cliche. It's the absolute and literal truth. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. Will you donate now to help power the nonprofit, independent reporting of Common Dreams? Thank you for being a vital member of our community. Together, we can keep independent journalism alive when it’s needed most. - Craig Brown, Co-founder |
How do you kill a zombie bill like CISA? Grassroots action. That's why EFF and over a dozen other groups are asking you to join us in a Week of Action to Stop CISA. The Senate is likely to vote on the Cybersecurity Information Sharing Act (CISA) in the coming weeks, and only you can help us stop it.
We keep hearing that CISA and the other "cybersecurity" bills moving through Congress are "must-pass" legislation. But just like the original version of CISA, the Cyber Intelligence Sharing and Protection Act (CISPA), we think grassroots activism can stop this legislation in its tracks.
CISA is fundamentally flawed because of its broad immunity clauses for companies, vague definitions, and aggressive spying powers. Combined, they make the bill a surveillance bill in disguise. The bill may even make things worse for Internet users in several ways. That's why we're launching a week of action to make sure Congress is getting the message loud and clear: CISA must not pass.
The Week of Action
EFF and our allies have been hard at work fighting Congress' cyber surveillance bills. But the most important voices are yours. Here's how to help:
- Visit the Stop Cyber Spying coalition website where you can email and fax your Senators and tell them to vote no on CISA.
- Use a new tool developed by Fight for the Future to fax your lawmakers from the Internet. We want to make sure they get the message.
- Check out our AMA on Reddit on Wednesday July 29 at 10am ET/7am PT with EFF, Access, Fight for the Future, and the ACLU and let your friends know about it.
- Help us spread the word. After you've taken action, tweet out why CISA must be stopped with the hashtag #StopCISA. Use the hashtag #FaxBigBrother if you want to automatically send a fax to your Senator opposing CISA. If you have a blog, join us by publishing a blog post this week about why you oppose CISA, and help us spread the word about the action tools at https://stopcyberspying.com/. For detailed analysis you can check out this blog post and this chart.
With your help, we'll make sure Congress gets the message: now more than ever, we don't need more cyber surveillance. We need better security. CISA must be defeated because it may make things worse for Internet users in several ways:
New and Invasive Tools for Companies
CISA allows companies to monitor their information systems for broadly-defined threats. Moreover, and equally alarming, the bill authorizes companies to launch countermeasures against perceived attackers, without any safeguards. While it prohibits measures that cause "substantial harm," it's unclear exactly what substantial is, leaving open the possibility of measures that cause a significant degree of harm. A letter sent in March by over 25 groups opposing CISA pointed out that, "CISA permits companies to recklessly deploy countermeasures that damage networks belonging to innocent bystanders."
Overbroad definitions
As if the new authorities weren't enough, the bill's broad definitions grant companies even more discretion to decide when to go on the offense against perceived threats. For example, "cybersecurity purpose" is so broadly defined that it means almost anything related to protecting (including physically protecting) an information system, which can be a computer or software. The same goes for a "cybersecurity threat," which includes anything that "may result" in an unauthorized effort to impact the availability of information or an information system.
Cyber surveillance (with the help of the NSA)
Not only does CISA grant companies more power to obtain "cyber threat indicators" and to disclose that data to the government without a warrant--it requires real time sharing of that information to military and intelligence agencies, including the NSA. In other words, cyber threat indicators shared with any agency would be automatically shared with the NSA--all without requiring companies to strip out personally identifying information.
To make matters worse, CISA grants the government too much discretion in how to use the information for non-cybersecurity purposes. It also contains exemptions to the Freedom of Information Act, which will keep the public in the dark about what information is being collected, shared, or used.
Near-Blanket Immunity
Finally, CISA would create incredibly broad immunity for companies that engage in any of the activities authorized by the bill. This is especially concerning because of the bill's lack of protection for private information and the ability to launch countermeasures. Any company that merely does significant (but not "substantial") harm to innocent people or machines will not be liable in court.
Participating organizations (updated on a daily basis throughout the week)
- Access
- ACLU
- American Library Association
- Association of Research Libraries
- The Center for Democracy and Technology
- The Constitution Project
- EFF
- Fight for the Future
- Free Press
- Freedom of the Press Foundation
- Gandi
- Media Alliance
- Namecheap
- National Association of Criminal Defense Lawyers
- New York Tech Meetup
- The New America Foundation
- The Niskanen Center
- Private Internet Access
- The Sunlight Foundation
- The X-Lab
How do you kill a zombie bill like CISA? Grassroots action. That's why EFF and over a dozen other groups are asking you to join us in a Week of Action to Stop CISA. The Senate is likely to vote on the Cybersecurity Information Sharing Act (CISA) in the coming weeks, and only you can help us stop it.
We keep hearing that CISA and the other "cybersecurity" bills moving through Congress are "must-pass" legislation. But just like the original version of CISA, the Cyber Intelligence Sharing and Protection Act (CISPA), we think grassroots activism can stop this legislation in its tracks.
CISA is fundamentally flawed because of its broad immunity clauses for companies, vague definitions, and aggressive spying powers. Combined, they make the bill a surveillance bill in disguise. The bill may even make things worse for Internet users in several ways. That's why we're launching a week of action to make sure Congress is getting the message loud and clear: CISA must not pass.
The Week of Action
EFF and our allies have been hard at work fighting Congress' cyber surveillance bills. But the most important voices are yours. Here's how to help:
- Visit the Stop Cyber Spying coalition website where you can email and fax your Senators and tell them to vote no on CISA.
- Use a new tool developed by Fight for the Future to fax your lawmakers from the Internet. We want to make sure they get the message.
- Check out our AMA on Reddit on Wednesday July 29 at 10am ET/7am PT with EFF, Access, Fight for the Future, and the ACLU and let your friends know about it.
- Help us spread the word. After you've taken action, tweet out why CISA must be stopped with the hashtag #StopCISA. Use the hashtag #FaxBigBrother if you want to automatically send a fax to your Senator opposing CISA. If you have a blog, join us by publishing a blog post this week about why you oppose CISA, and help us spread the word about the action tools at https://stopcyberspying.com/. For detailed analysis you can check out this blog post and this chart.
With your help, we'll make sure Congress gets the message: now more than ever, we don't need more cyber surveillance. We need better security. CISA must be defeated because it may make things worse for Internet users in several ways:
New and Invasive Tools for Companies
CISA allows companies to monitor their information systems for broadly-defined threats. Moreover, and equally alarming, the bill authorizes companies to launch countermeasures against perceived attackers, without any safeguards. While it prohibits measures that cause "substantial harm," it's unclear exactly what substantial is, leaving open the possibility of measures that cause a significant degree of harm. A letter sent in March by over 25 groups opposing CISA pointed out that, "CISA permits companies to recklessly deploy countermeasures that damage networks belonging to innocent bystanders."
Overbroad definitions
As if the new authorities weren't enough, the bill's broad definitions grant companies even more discretion to decide when to go on the offense against perceived threats. For example, "cybersecurity purpose" is so broadly defined that it means almost anything related to protecting (including physically protecting) an information system, which can be a computer or software. The same goes for a "cybersecurity threat," which includes anything that "may result" in an unauthorized effort to impact the availability of information or an information system.
Cyber surveillance (with the help of the NSA)
Not only does CISA grant companies more power to obtain "cyber threat indicators" and to disclose that data to the government without a warrant--it requires real time sharing of that information to military and intelligence agencies, including the NSA. In other words, cyber threat indicators shared with any agency would be automatically shared with the NSA--all without requiring companies to strip out personally identifying information.
To make matters worse, CISA grants the government too much discretion in how to use the information for non-cybersecurity purposes. It also contains exemptions to the Freedom of Information Act, which will keep the public in the dark about what information is being collected, shared, or used.
Near-Blanket Immunity
Finally, CISA would create incredibly broad immunity for companies that engage in any of the activities authorized by the bill. This is especially concerning because of the bill's lack of protection for private information and the ability to launch countermeasures. Any company that merely does significant (but not "substantial") harm to innocent people or machines will not be liable in court.
Participating organizations (updated on a daily basis throughout the week)
- Access
- ACLU
- American Library Association
- Association of Research Libraries
- The Center for Democracy and Technology
- The Constitution Project
- EFF
- Fight for the Future
- Free Press
- Freedom of the Press Foundation
- Gandi
- Media Alliance
- Namecheap
- National Association of Criminal Defense Lawyers
- New York Tech Meetup
- The New America Foundation
- The Niskanen Center
- Private Internet Access
- The Sunlight Foundation
- The X-Lab
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.